Add a generic header application


Header Architecture
  1. User signs in to Okta.
  2. Okta send user identity SAML to Access Gateway.
  3. Access Gateway adds required application attributes to header and forwards request to back end application.
  4. Application performs request and returns results to Access Gateway.
  5. Access Gateway performs rewrites and returns request to user.
For more details on the header application reference architecture see Header reference architecture.

Before you begin

Ensure that:

  • You have administrator rights on your Okta tenant and can assign applications to users and create groups.
  • Appropriate DNS entries for both the header application and the external exposed new URL exist.
    For example:
    https://ext-header.example.comLegacy application URL.
    Referenced by the end user.
    https://int-header.example.comProtected Web resource URL.
    Referenced by Access Gateway.

Typical workflow



Create a containing group Best practice, create an optional group to be assigned to the application.
Create header application Create a header application which defaults to the shared common back end.
Assign certificate [Optional] Continue the app creation process by assigning an optional certificate to the application.
Add additional attributes [Optional] Add additional attributes to the application.
Add access policy [Optional] Add access control policy.
Test the application Test the application.
Troubleshoot When required troubleshoot the integration.

Related topics

Add application behaviors. See Application behaviors.

Add fine grained policy to further protect resources. See Application policy and Manage access control application policy for an overview on user policy and for examples respectively.

Extend existing policy using custom configuration. See Advanced Access Gateway policy.